package ch.comtools.ssh.authentication;

import ch.comtools.ssh.packet.SSHPacket;

/**
 * Message Authentication Code.
 * <p>
 * <code>mac = MAC(key, sequence_number || unencrypted_packet)</code>
 * </p><p>
 * The following MAC algorithms are currently defined:
 * </p>
 * <dl>
 * <dt>hmac-sha1 (REQUIRED)</dt>
 * <dd>HMAC-SHA1 (digest length = key length = 20)</dd>
 * <dt>hmac-sha1-96 (RECOMMENDED)</dt>
 * <dd>first 96 bits of HMAC-SHA1 (digest length = 12, key length = 20)</dd>
 * </dl>	
 * </p>
 * 
 * @author Roger Dudler <roger.dudler@gmail.com>
 * @since 1.0
 */
public interface MAC {

	/**
	 * Compute a message authentication code for a given
	 * SSH packet.
	 * @param key shared secret
	 * @param sequence sequence number (packet number), will wrap around after 2^32 packets.
	 * @param packet ssh packet
	 * @return
	 */
	public byte[] compute(String key, int sequence, SSHPacket packet);

}
